The Guardian Project’s award-winning open-source app “Gibberbot” for Android, has been rebranded to “ChatSecure” for its version 12 release, unifying the branding with the iPhone and iPad apps, while offering major updates in security from the device through the network.

October 20, New York, NY – The Guardian Project, a New York-based open-source mobile security incubator, has launched version 12 of its well-regarded secure messaging app for Android, rebranding it to “ChatSecure” to unify branding with existing open-source iPhone and iPad apps. The new upgrade brings an entirely new fluid user interface, and unprecedented security features for users looking to protect their message content (what they are saying) and their metadata (who, why and where) from malicious adversaries and apps, hostile network operators, and dragnet surveillance. It is completely open-source, utilizes interoperable protocols, and has undergone third-party security audits and code reviews.

“We believe you should not have to compromise on choice and usability, to have reliable, strong security”, said Guardian Project founder, Nathan Freitas. “Some companies want to limit you to their closed, proprietary services that are centrally hosted and easily blocked or monitored. We see that as fragile and unsustainable, and ultimately, hostile and unfriendly to users, who want choice, freedom and the ability to easily and safely communicate with their friends and family around the world”.

ChatSecure is compatible with thousands of instant messaging service providers around the world, including Google, Facebook, DuckDuckGo and Jabber.org. It also works with open-source server software, such as Prosody, enabling service providers, enterprise and other organizations to host their own servers. ChatSecure users also can communicate securely with anyone using a compatible app on Windows, Mac OS or Linux, such as Pidgin, Adium or Jitsi. The app also supports peer-to-peer wifi chat using Bonjour and Tor, allowing for secure messaging to happen even in places where there is no access to the internet or the internet is blocked. It also includes a quick access “Panic” feature to uninstall the app and wipe all local data.

The software ensures the most secure network channels are utilized, by enforcing Certificate Pinning, Perfect-Forward Secrecy and communicating via the Tor network. All conversations held through ChatSecure can be encrypted using an open-standards end-to-end encryption protocol known as “Off the Record Messaging”, pioneered and hardened over the last decade by security researchers. All account data, messages and contacts stored on the device are encrypted and password protected using strong encryption provided by SQLCipher database software, ensuring no leakage of personal data if the device is lost, stolen or compromised.

Post navigation

Can this also please me made available as soon as possible in the Guardian Projects F-Droid repository? It doesn’t seem to get much love as of late, the apps in it are usually out of date as compared to Google Play.

I have noticed that some times chat secure well say the session is encrypted on both phones but the color of the sent text indicates that the message isn’t encrypted. this is verified because you can see the clear text in normal gmail.

Indeed we deliberately set the name the same as the iOS app because it is produced by a partner organization, and is also partially funded by The Guardian Project. As for F-Droid, you can get the latest versions of any of our apps, including ChatSecure, from our own F-Droid repo: https://guardianproject/repo We’re working on getting it into the official F-Droid repo also, but its not there yet.

Question:
I just downloaded Chatsecure, and haven’t understood – is Chatsecure chats (app to app) by default encrypted or do I need to do something?

There is a padlock in the upper right corner – when I click it to activate “Start Encryption” the process-symbol just keeps going in circles, as if it is waiting for something – so I don’t know if my chats are encrypted or not.

You won’t get encryption until the other end of the conversation is open. There is a settings option to require encryption. If you use a “burner” account (rightmost page of new account) on jabber.calyxinstitute.org, the server rejects unencrypted messages and nags you to encrypt them.